toggle

AAPL Stock: 111.74 ( + 2.33 )

Printed from http://www.macnn.com

XProtect updated, blocks non-current Flash plug-in over security flaws

updated 12:16 am EDT, Wed September 11, 2013

Adobe squashes 14 security issues in latest update to Flash for browsers

It wasn't only about iPhones and iOS on Tuesday -- Apple continues to keep an eye out for potential security threats and, where possible, prevent them. A recent silent update to Apple's built-in (for Snow Leopard and higher) XProtect anti-malware software blocked all but the most recent update to Java due to security concerns, and today another update to XProtect did the same thing to all but the very latest release of Flash, as Adobe released a patch that fixes some 14 bugs that could have compromised user security.

The XProtect update blocks Flash versions 11.8.800.94 and earlier, however users can easily upgrade to the latest stable version -- 11.8.800.168 -- by either updating through the Flash system preference pane in System Preferences, or by obtaining and installing it directly from Adobe. While the Flash Player update has been available for a few days, Adobe on Tuesday updated Shockwave Player, Adobe Reader and Acrobat for OS X and other operating systems to fix further bugs -- a total of 14, with most in Adobe Reader and Acrobat.

The company said the vulnerabilities "could cause a crash and potentially allow an attacker to take control of the affected system," in Flash Player, Reader and Acrobat, and that bugs in Shockwave Player could allow attackers to "run malicious code on the affected system," reports FairerPlatform. Google Chrome users will be automatically updated and need do nothing, while users of other browsers should either update Flash to the latest version or disable it in their web browsers entirely. Safari automatically disables Flash if it hasn't been used in a month, but will reactivate it if it is up-to-date at the time it is needed.

Adobe AIR should also be updated for Mac users, to the latest version: 3.8.0.1430. XProtect is silently updated by Apple and users do not need to consult Software Update in order to keep it running -- it is built into Apple's current and previous two OS releases, Snow Leopard (10.6.x), Lion (10.7.x) and Mountain Lion (10.8.x).





by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. daqman

    Junior Member

    Joined: 09-15-00

    So, this explains why I spent an hour debugging my wife's Macbook Air yesterday evening instead of enjoying the beer I'd just poured. Whatever is wrong with notifying the user when you block something useful? Apple always touts how wonderful the new OSX notification system is HOW ABOUT USING IT!
    I finally figured out that the latest Java was required but it took a while to even realise that Java was the problem since I didn't know that what she was running was actually a Java applet buried in a webpage.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented